Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          wGuW8oeAXyBqyZ9oRGarQv3ohi3fJywnScx71wA+a20=
Subject key identifier:   B1:74:AF:83:51:75:01:AF:4C:E5:87:BF:83:AE:51:7A:BA:B5:FA:8A
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019A4F62483A0BE98EA25129BDC331950511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          1458
Signing time:             Tue 04 Nov 2025 15:00:32 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:32 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:32 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: GZCriSujmN73Reul+LePJ/JWQ6O0WA5CClhNyn36ZMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:48:3a:0b:e9:8e:a2:51:29:bd:c3:31:95:05:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Nov  4 15:00:32 2025 GMT
            Not After : Nov  5 15:00:32 2025 GMT
        Subject: CN=b174af83517501af4ce587bf83ae517abab5fa8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:de:77:98:a8:2b:3b:bf:2f:44:51:a9:7a:1b:
                    84:ca:cd:4b:ea:3a:54:44:50:1c:b8:98:67:0a:71:
                    01:a2:ff:99:27:91:b2:c4:30:8a:ef:61:61:c0:eb:
                    77:06:f8:83:8f:1a:89:8f:57:8d:54:01:d8:2e:25:
                    39:11:da:75:e5:66:af:1f:fb:fd:98:61:d1:75:ae:
                    a9:45:49:9c:dc:23:d8:a1:b7:7d:7c:1d:5b:97:c1:
                    c1:81:65:c9:6a:a1:ae:26:08:1c:92:aa:57:ce:a3:
                    63:18:e5:37:a3:d5:0a:fd:59:d2:b2:20:ca:72:e8:
                    d6:1d:45:3f:b5:a2:dc:5e:ba:31:c9:6f:99:75:2e:
                    65:fc:a8:13:22:5c:ce:04:bf:e1:9b:4c:31:b7:28:
                    90:df:27:84:58:55:b0:b8:82:07:60:5e:c4:fd:fc:
                    c1:59:4a:10:bc:c8:c5:38:af:b0:50:46:03:cd:bc:
                    8c:75:04:c8:c6:3d:1f:2c:e8:d2:ec:29:38:81:e5:
                    40:e2:1e:80:e2:02:3d:70:31:e1:6e:8e:9f:8b:82:
                    b5:a9:a0:0a:a2:a0:f5:29:4b:13:97:54:88:70:68:
                    44:c9:7d:bd:1b:5d:0c:a2:d2:bd:e1:a6:84:50:6e:
                    81:8d:97:93:7f:c2:29:a5:2a:a6:a2:87:65:f0:28:
                    cd:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:74:AF:83:51:75:01:AF:4C:E5:87:BF:83:AE:51:7A:BA:B5:FA:8A
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:bf:f9:81:ec:95:35:ce:3a:a8:72:47:37:8f:64:be:ff:10:
         38:75:d6:36:e0:08:f5:01:a6:7f:d2:88:af:b1:aa:f7:5d:83:
         0d:6c:b5:40:e0:0e:33:3a:90:ad:1d:70:42:fb:4d:c2:79:63:
         8e:8d:b0:79:9e:b8:cd:af:ff:27:e9:35:f7:1f:76:29:d9:02:
         fb:f1:6b:cf:d5:e6:84:3e:70:ba:f5:16:01:30:91:b1:e7:b9:
         c6:76:bb:f0:38:ea:d8:2d:7c:63:4d:20:f4:c9:73:b8:b7:81:
         83:2b:f1:ed:9e:26:3f:9b:75:16:97:e2:11:ba:82:8c:8c:ca:
         a7:06:21:e8:b1:63:26:67:a0:27:72:1b:96:66:d3:e0:9a:7c:
         de:ca:7a:fb:17:65:2e:b3:95:07:5f:2a:bb:e2:13:39:35:70:
         bc:22:b0:0d:8f:88:1a:c4:5c:e8:cd:c3:da:e3:df:35:3f:01:
         80:60:bf:61:15:bc:2a:c9:1e:f6:10:27:d9:ac:2f:85:0b:c8:
         9e:2c:50:1a:f0:c3:f4:32:c5:64:ce:d5:cc:78:7d:e5:9a:c2:
         86:64:c3:68:da:a9:88:ef:d8:2d:ee:f4:02:08:cc:ae:8d:c6:
         73:f4:be:0f:d4:89:8a:44:02:cc:7b:de:f2:69:f1:75:46:6f:
         df:77:c0:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYkg6C+mOolEpvcMxlQURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUxMTA0MTUwMDMyWhcNMjUxMTA1MTUwMDMyWjAzMTEwLwYDVQQD
EyhiMTc0YWY4MzUxNzUwMWFmNGNlNTg3YmY4M2FlNTE3YWJhYjVmYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt53mKgrO78vRFGpehuEys1L6jpU
RFAcuJhnCnEBov+ZJ5GyxDCK72FhwOt3BviDjxqJj1eNVAHYLiU5Edp15WavH/v9
mGHRda6pRUmc3CPYobd9fB1bl8HBgWXJaqGuJggckqpXzqNjGOU3o9UK/VnSsiDK
cujWHUU/taLcXroxyW+ZdS5l/KgTIlzOBL/hm0wxtyiQ3yeEWFWwuIIHYF7E/fzB
WUoQvMjFOK+wUEYDzbyMdQTIxj0fLOjS7Ck4geVA4h6A4gI9cDHhbo6fi4K1qaAK
oqD1KUsTl1SIcGhEyX29G10MotK94aaEUG6BjZeTf8IppSqmoodl8CjNFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLF0r4NRdQGvTOWHv4OuUXq6tfqKMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATL/5geyV
Nc46qHJHN49kvv8QOHXWNuAI9QGmf9KIr7Gq912DDWy1QOAOMzqQrR1wQvtNwnlj
jo2weZ64za//J+k19x92KdkC+/Frz9XmhD5wuvUWATCRsee5xna78Djq2C18Y00g
9MlzuLeBgyvx7Z4mP5t1FpfiEbqCjIzKpwYh6LFjJmegJ3IblmbT4Jp83sp6+xdl
LrOVB18qu+ITOTVwvCKwDY+IGsRc6M3D2uPfNT8BgGC/YRW8Kske9hAn2awvhQvI
nixQGvDD9DLFZM7VzHh95ZrChmTDaNqpiO/YLe70AgjMro3Gc/S+D9SJikQCzHve
8mnxdUZv33fAxw==
-----END CERTIFICATE-----